Lei CHEN
Tel: 604-***-**** Email: acrpfm@r.postjobfree.com
Objective: Sr. System Analyst
Highlights
CCIE Voice / R&S #24593 (SP/Security/DC written only), Over 9 years of design management and deployment large scale LAN, WAN, voice and data projects
Design network of multi-vendor WAN,multi type VPN, International large scale corporate network
Different IT background such as Government, Data center, Education, Health, Airport, Oil/gas, International corporation and middle/small business
Excellent knowledge of routing switching, Firewall, security and VPN, VOIP (Cisco UC family) and MS-Windows products
Ability to work efficiently under pressure and to handle multiple tasks, get along with others
Scripting and light programming (PHP,VBS,JAVA,BASH,HTML,UCCX)
Good problem solver, good analytical skills, self-starter, quick learner Professional Skills
Platform
Windows 2012/2008/2003, Linux (Redhat/CentOS/Ubuntu) UNIX (FreeBSD), Solaris 9/10
Vblock
Cisco Router IOS/IOS-XR/NX-OS ISR, ASR etc
Cisco Nexus7k/6k/5k/2k/1k, other Layer2/3 switch etc Cisco ASA/PIX 55xx,
Cisco MDS 9000,
IBM, Brocade SAN Switch
Juniper SSG Junos, Vyatta OS
Notel8600 / HP A5800
Cisco UCS5108,FI6120/6248, C220, B200/230 M3,B5409 EMC/NetApp 6200 SAN
Dell PowerEdge, HP DL380/BladeSystem
IBM X3560/En4093R/Mainframe Z
VPN
MPLS VPN /SSL VPN/ DMVPN, Multicast VPN,
ASA IPSec,EZvpn, AnyConnect VPN
L2TPv3 VPLS/IPLS
CheckPoint, ISA, Citrix XenApp/VM View Virtual desktop VPN OpenVPN IOS IPv6 Channel/VPN
Firewall
Cisco ASA, Juniper
CheckPoint, F5, Nokia, Sophos
Fortinet, SonicWall, Palo Alto
Lei Chen Cell : 604-***-**** Email : acrpfm@r.postjobfree.com Page 2 of 11
pfSense, M0n0wall
General firewall base on iptables
Security
Authentication: AD, ACS, Radius, Tacacs+, LDAP, 802.1X, PKI Auditing: ISE,WSA,Nessus,Netscout,NMAP, Qualys,NSC, BT5 Monitoring: Orion, Eye of Storm, Zabbix, Nagios
HA: HSRP/VRRP, PAgP/LACP
Load Balance: F5, SPT, MSPT, Citrix VPX/Netscaler
IDS/IPS: SourceFire, SiteProtector, Mandiant, SNORT, Cisco4240 Caching: BlueCoat, TippingPoint, WSA/Ironport, Squid Proxy Visualization
VMware vSphere, ESXi, (DRS/HA/FT/vMotion)
VMware View
Citrix XenServer, XenApp
Hyper-V
Unified
Communications
Cisco Unified Call Manager/Unity Connection 4.3,6,7,8,8.6,10.5 CUPS7,8.5,8.6,9.0, Cisco Jabber
UCCX/ UCCE solution(ICM/PG/CG/CTI/CTIOS/AW/PIM)
CME/CUE/MPE on Cisco Router 28xx/38xx,29xx/39xx/43xx, MCU 4501, VCS, TMS, C20,C60, SX20, EX90
MS-Lync2013/2010,MS Office OCS 2007
Asterisk Family,
Avaya IP Office Manager
Polycom, Acme
AuidoCode Voice Gateway
Cisco UCS, Vistapoint(AA)
Services/Protocol
LAMP,LDAP, DHCP, SMTP, SNMP, NAT/PAT Proxy, DNS, FTP,NTP MGCP,H323,SIP,XMPP, RTP, SRTP
Fabric Channel
iSCSI, Fabric Path
SAN
EMC/NetApp/IBM/ Dell SAN
Cisco MDS 9000
FC, iSCSI, FCoE
Openfiler, FreeNAS,
RAID0/1/3/4/5/6/10/50/60
MS Exchange 2013/2010/2003
Zimbra
Postfix+Zarafa+Dijgzo
iRedMail, SquirrelMail, Horde,Qmail
Wireless
Cisco WLC 250*-****-**** (WLC)
Cisco 1140/3600/1552E AP
Citrix XenMobileDeviceManager(MDM),
BlackBerry Enterprise Server(BES)
Vmware AirWatch
Aruba AP-225,135
Lei Chen Cell : 604-***-**** Email : acrpfm@r.postjobfree.com Page 3 of 11
Meraki MR18, MR62
Education and Training
Bachelor’s Degree in Information Management and Computer Science 2003 University Finance of ChangChun, ChangChun, China
Cisco Certified Internetwork Expert (CCIE #24593 Voice R&S) 2008 Cisco Certified Network Associate (CCNA) 2002
Virtualization training for VMware vSphere 2011
Avaya ACE-IP Tel Design and Implement training 2012 Certified First-Aid/CPR 2013
H2S-(Hydrogen sulphide) safety training 2013
INE.com Boot camp of CCIE Data Center training 2014 Professional Experience
Sr. Network Analyst
KGHM International Inc., Vancouver, BC, Canada (contract) 2015.7-2015.12
- Project of corporate DMVPN redesign
Cisco 4321 DMVPN design with single cloud dual core certificate
ASA IPSec VPN and DMVPN routing redesign
WAN edge redesign with ISR 4321 and ASA 55XX with CX, with voice SRST and DMVPN
Corporate Internet edge routing redesign with ISR and Firewall
Trouble shooting with AnyConnect VPN client for dual certificate user, Setup backup AnyConnect VPN server
Email filter via Cisco Iron port
AnyConnect logging analyst
- Project of corporate video conference
MCU 4501, video conference codec trouble shooting
TMS, VCS CUCM management, trouble shooting
End point C20 C60 C90 SX20 EX90 EX20 etc implement
Jabber video client testing
VGW global DID video call testing
WebEx bridge video merge
Lei Chen Cell : 604-***-**** Email : acrpfm@r.postjobfree.com Page 4 of 11
IT Project Network Analyst
Talisman energy inc., Calgary, AB, Canada (NYSE/TSX:TLM) (contract) 2014.5-2014.9
- Project of corporate telephony and unified communication. Retire Avaya, upgrade to CUCM.
Deployment new Cisco UC OVA in Vblock (UCS+EMC+Vmware)
Design/Deployment of new CUCM 10.5/Unity Connection/E911/CUPS/PRIME/AA/Jabber client of PC/iphone/ipad(CUWL license),License manager
Deployment voice gateway T1/E1/CUBE on 3925, Acme Packet SIP trunk to service provider, VG350 and Audio Code for fax
Deployment new endpoint IP phone 7841/8841/7861/8851
Retire old gatekeeper, CME, move to new CUCM, and adjust configuration of CUCM to talk with other CUCM in USA/UK/Peru via SIP trunk.
Adjust Polycom video conferencing (RMX4000/VBP5300) to work with CUCM, web conference, Add new video endpoint Cisco SX20, EX90 etc
Retire Avaya IVR, take over from HP. Configuration for IPCC agent to work with Verzion virtual call center
Deployment QoS in all switch and core endpoint
Troubleshoot and fix advanced network related issues in collaboration with other teams.
Monitor enterprise network for status, add new devices to Orion
- Project of retire old Cisco 6513/Notel 8600 switch to new Nexus 7k/5k/2k switch.
Adjust routing between HQ and backup datacenter where is in other country.
Redesign new data center network topology, Draw visio diagram
Redesign IP/Vlan/Rack, write migration step report
Retired all HP A5800 switch, move to Cisco N2k switch
Deployment and configuration of Nexus 7009, 5548, 2232
- Project of network security enhance. Retire CheckPoint/Juniper, upgrade to ASA 5555X.
Deployment of NetScout Infinistream
Adjust Mandiant(FireEye) IPS sensor, Support QualysGuard
Performed load balancing by configuring BIG-IP F5 LTM (1600, 3400) and creating virtual servers to load balance all types of physical servers
Provide support and resolution of network security problems on the LAN/WAN
Participate in network security incident response team
Collaborate with external security vendors for security alerts response.
Monitor network security devices performance, analyze data flow to identify issues and make recommendations.
Contact vendors of network equipment or network provider for technical assistance and problem resolution.
Lei Chen Cell : 604-***-**** Email : acrpfm@r.postjobfree.com Page 5 of 11
Infrastructure Specialist (UC)
ARCAN resources Ltd., Calgary, AB, Canada (Contract) 2014.4-2014.5
- IP Telephony upgrade project. UC540/560 upgrade to CUCM10.0
CUE upgrade to UC10.0
Fix Smart CallConnector server outbound call/ VoiceView issue. Migration to CUPS
Windows AD account adjust,
Windows AD OU redesign, GPO redesign
Integration Windows AD and CUCM/UC/CUPS
Voice gateway upgrade from UC540/560 to Cisco 3925 (PRI/PSTN/FAX/QoS)
CUPS new implement and initial configuration, Cisco jabber mobile client setup
Dial plan analyst/trouble shooting, deployment of new DID
Dell Sonic FW trouble shooting (Sonic NSA3600/2400MX)
VPN network redesign (VPN routing and NAP/NAC feature)
Infrastructure redesign (IP/routing redesign, Layer2 redesign(Dell 5548), migration from Telus management)
Production/Solution consulting
Offer training for end clients as trainee
Finally, solution/redesign report
IT Consultant (Contract) 2014.1-2014.4
Interpipeline Fund Inc., Calgary, AB, Canada (TSE:IPL)
- Project(MDM) Xen Mobile Device Manager
Install new Windows Certificate Server in vCenter, Integrate with Windows AD
Create new Windows AD group, OU for mobile user and devices
Redesign/adjust PKI policy; ASA policy adjusting for MDM
Deploy Cisco ISE for new mobile/wireless devices
Health check, recommendation, policy setup, packet deployment for Apple IOS, Android, Windows Surface, Nokia/BlackBerry cell phone etc.
Xen MDM backend SQL DB migration from PostgreSQL to MS SQL DB
BlackBerry Enterprise Server retired, migration to Xen MDM platform
PKI Enterprise cell phone center control, policy setup, certificate enrolment, ISE allow access
Manage small to medium sized projects according to budgets and schedules
Lync 2010 iphone client testing(Email/Voice Mail/Dial Plan/IM)
- Project UC upgrade (vm CUCM8.6->9.2,UC8.6->8.6(2)SU3,CUPS retired)
Maintain and support Cisco VoIP telephone system (ticket of VOIP system)
DR site testing, DR site health check
Integration of Lync 2013/Exchange 2013 with CUCM
Upgrade MS-Lync 2010->2013, upgrade Exchange 2010->2013 Lei Chen Cell : 604-***-**** Email : acrpfm@r.postjobfree.com Page 6 of 11
- Project of Office moving (move to new building in another location, setup all floor switch/IP design/vlan/routing/wifi/voice/video)
Designing, configuring, installing, integrating, maintaining and troubleshooting of enterprise LAN/WAN networks and systems (enterprise converged networks, wired and wireless)(Nexus6001/ASA/3750X)
Network performance evaluation, monitoring and optimization(Orion/WSA), implement new IPS, new SYSLOG server (Linuxbox)
Retire old IBM and Dell SAN switch, upgrade to new Brocade 6510 Fabric Channel Switch
Firewalls, intrusion detection, network access control, incident response and escalation, security policy articulation and compliance checking(ASA/ISE/WSA)
Administer and maintain server environments to ensure effective and efficient performance
(Citrix/Domain Controller/vCenter/ISE/SCCM/Orion/Lync/Exchange/Storage/FC switch system /EMC storage administrator)
IBM chassis (EN4093R) sw, Cisco C220M3,VMware vCenter operation
SCADA network access control, firewall/access rule setup
Maintain accurate and comprehensive documentation diagrams of network infrastructure
Identify, troubleshoot and resolve system and network issues
Identify opportunities for network growth and scalability with recommended courses of action to support the current and future goals of the organization
Work with project teams in the design, development and review of technology solutions Senior Enterprise Network Administrator (Contract) 2013.2-2013.12 Apache Canada Ltd. Houston, TX, USA/Calgary, AB, Canada (NYSE:APA)
Daily network support, include data/voice/video/wifi/digital signal/utility/SCADA/ VSat network
Daily SAN support and maintain, FC/zoning/WWN setup/Snapshot/backup (Veeam)
Daily core server support and maintain, include USC manager/ Fabric manager/
Daily vCenter admin, vSwitch management, vPC L2 redesign etc
Daily MS-Lync /Exchange/SCCM server support and maintain
Daily SCCM server support and maintain, Win7/Win2008 image distribute
Daily operation on AD/Email/DNS/DHCP/MS-SQL (base on MS-Windows 2008R2,2012 )
Firewall daily operation. (Permit MGCP/RTP/SRTP/SIP/H323/RDP traffic etc.)
Firewall rules adjust for Enterprise VPN, remote access, management
Enterprise security includes virus/backdoor/Trojan/p2p download/action control etc.
Daily operation on Cisco ACS/ISE, adjust some allow rules
Daily support, optimize and maintain, such configuring BIG-IP F5 LTM, Citrix NetScaler.
Network device access security by ISE/ACS
Setup each field site router, switch, voice gateway, wireless access point (2911,3945) Lei Chen Cell : 604-***-**** Email : acrpfm@r.postjobfree.com Page 7 of 11
Data center IPS(source fire), N7k(7009), UCS 5108/FI6248/B200/230/C220 M3, WLC, FW(ASA5555x,JuniperSSG140)support
Emergency field site support (Emergency respond, like debris flow, blowout fire)
Office moving project. Design new architecture like, include floor design, data center design, field site design, guest Wi-Fi, meeting room design, digital signal, utility system, equipment selection and order etc.
Solarwind Orion admin, update map, add/adjust node, monitor, alarm, report etc.
CUCM/UC upgrade(8.0->8.6). Voice gateway, Lync voicemail upgrade. Resolve trouble ticket of network and phone system(CUCM).UCCX IVR script design. Other voice device
(VG202 VG248 etc.)
Video conference admin (Tandberg C60,C90,EX90; Polycom HDX,GS 500; ClearOne)
Wireless network admin(Cisco WLCv,5508, 4402; AP1142 1552E 3602 etc)
Network documentation/Syslog/Cisco License PAK/DID range etc document management Senior Network Specialist
Bell Canada Inc. Calgary AB, Canada (Contract) 2013.01-2013.06
Bell NHS network support(vender backbone network, multi-client hosting service)
Daily operation on BGP AS604, AS6539, AS8104
Daily operation on BGP/OSPF routing table support(600k+ routing table)
Daily operation on Cisco ASR 9006/Juniper MX480/N7k(7010)/6509/6513
Daily operation IS-IS, OSPFv3 (IPv6), client VRF
MPLS Traffic Engineering customer support
Support client VPLS
Support on vSphere and ESXi host / SAN
Support and maintain Bell NHS MPLS VPN backbone network
Statistics of all network device in data center (script, how many interface in use, MAC table)
implement new N5k/N2k in data center, and cabling/setup them
All network device security health check, upgrade newer IOS
- Bell Calgary data center upgrade project (migration of all physical server client to virtual environment).
Redesign all physical client network environment
All physical server performance (CPU/Mem/IO) evaluation. VM merge TCO/ROC analyze.
Vblock system and NetApp FAS 6240 storage (ONTAP 8.1) implementation.
NetApp storage design, Brocade SAN switch configuration. FC/FCoE setup etc
Configuration for new vSphere environment (Setup DRS/HA/FT/vMotion/Storage vMontion
/Host Profile. Cisco Nexus 1000v, add vlan in both trunk side, adjust client gateway type.)
All VM logical volume management. (LUN mgmt)
Adjust firewall rules for new virtual clients, adjust ASA module for new SVI
NOC Environment: Data centers, disaster recovery, SLA, 24X7 environment Lei Chen Cell : 604-***-**** Email : acrpfm@r.postjobfree.com Page 8 of 11
Senior Network specialist (Contract) 2012.12-2013.01 CompuCom Canada Co. Calgary AB, Canada (Cisco Gold Partner)
- Project of Data center moving: Lead racking equipment and provided cabling and initial configuration, troubleshooting and migration
Provide technical expertise and support to full cycle sales process
Conduct on-site pre-sale business and technical requirements gathering and analysis
Identify and prioritize technical issues and risks
Plan and conduct formal reviews of solution architecture that ensures overall compliance with quality, architecture, and functional requirements
Collaborate with product managers on new feature prioritization and delivery
Nexus 7k 5k 2k series switches upgrade/configuration/install/implement.(7010,5596,2248)
Cisco ASA 5555x /ASR 7609/ 3750
upgrade/configuration/install/implement(ASA5555X,ASR1002.7609)
Test supervisor, switch ability, port etc hardware. Setup initial configuration
Client presentation (Devon Energy)
Provide end-of-day progress and documentation updates Level 3 Network Support (Contract) 2011.1-2012.12
IBM Canada Inc. Calgary AB, Canada (NYSE:IBM)
Daily support and maintain network devices, routers(28/36/38/2900 etc) switches(N7k,5k,2k,65/45/37/35/2900 etc) IPS/IDS VPN(IPsec,DMVPN,EZvpn) ASA and other server for different clients
Remote support/troubleshooting large scale network.( support 2000+ devices DMVPN)
Some servers support TACACS, Radius, RSA, Orion, Eye of storm, NAS
Daily operation on IBM’s client data center
Fail-over / Load balance setup troubleshooting; DR backup on everyday
Cisco wireless WLC support (Cisco 2504,4400,5508,1142N)
Cisco Voice Gateway support (H323 MGCP SIP on 2800/3800/2911)
IPS/IDS analyst and report (SiteProtector, Cisco 4240)
Client account documents/Log support (Linux Syslog)
CUCM/UC virtualization/implement/migration/cluster on Cisco UCS 5108
Core call routing/pattern design (Base location/Role Extension Mobility etc)
CUCM/CME SRST/AAR failover test
UCCX IVR script with SRST design/ Phone agent implement/setting up
Traditional phone line merger to branch office gateway via CME
Client include: Suncor, CP Rail, TD, ATB, Telus, Toronto Airport, AHS, AEI, AHW etc
NOC Environment: Data centers, disaster recovery, SLA, 24X7 environment Lei Chen Cell : 604-***-**** Email : acrpfm@r.postjobfree.com Page 9 of 11
Network Specialist (contract) 2010.1/2011.1
Bulletproof Solutions Inc, Fredericton, NB, Canada (Cisco Gold Partner)
Design and configure SSL VPN network for clients(IPSec/AnyConnect VPN)
Troubleshooting some issue of servers base both Windows and Linux
Setup network devices, routers(2821/3845) switches VPN ASA(5505/5520)
Remote support troubleshooting for clients(SSH to Router/Switch/Firewall etc)
Design/Modify network solutions for clients
Setup Cisco wireless router(800 series, ISR series)
Cisco UC family production(UC540) support and troubleshooting (H323 SIP MGCP gw etc)
Migration/merger other voice system to CUCM (Asterisk/Mitel etc)
Setup Polycom video conference system working with Cisco C20 video conference system Senior System Engineer 2005/2009
JEBOO.COM Co., Ltd., Guangzhou, China
Design management and deployment MPLS VPN Network for IPTV service
Design distributed branch office and High availability core website
Design and configure SSL VPN network for clients,
Setup network devices, routers switches VPN ASA
Setup Cisco wireless router
Managed and maintained Huawei BTS for cellular network (GSM based)
Setup all stuff about network devices, PC servers. (Windows &Linux)
Deployment of Redhat Linux Server( LAMP)
Monitor bandwidth, hacking and make sure the clean traffic
Troubleshooting of DNS, Sendmail, QOS, Radius, LAMP server and routing policy
Responsible local VOIP system (Asterisk)
Performed Centrex translations for Nortel DMS and GTD-5 Digital Switching Systems.
Developed software for Centrex translations within a Nortel DMS100/500 Telecom switch.
Setting up Databases servers and maintenance jobs for new deployments
Provide remote technical support to distributed workforce
Troubleshooting mobile terminal remote access to corporate network
Commercial negotiations and some contract paper work with ISP Network Analyst 2004/2005
China Customs, ZhuHai, China (Data Center)
Network traffic purifying, IPS policy, data privacy, Catching policy,
Monitoring/configuring services such as Nagios, Zabbix, Cacti, HP SIM using syslog and SNMP
Lei Chen Cell : 604-***-**** Email : acrpfm@r.postjobfree.com Page 10 of 11
QoS Project, traffic shaping, identity, class, and policy
Design branch office route policy and load balance (OSPF & MSTP)
Support network devices (Router, Access Service Network Gateways, storage server, IP public servers, AAA/AD Servers, etc)
Routing Policy/Summary/Filter, Route-map, Switch security, and access policy
Supporting VPN, DDN
Setup high availability server and SAN NFS, some cabling stuff Network Administrator (contract) 2003/2004
China PUTIAN Info. Tech. Co., Ltd., ZhuHai, China
Performed Unix and Windows Administration Support, router and switch operation
Remote VPN access and firewall to protect data security and improve communication
Supported a PBX VOIP system with Asterisk with PRI-ISDN trunks and unified communications.
Setup soft IDS system(Snort)
IT assistant (co-op) 2002/2003
JiLin Foodstuffs Group Co., Ltd, Changchun, China
Programmer, and desk helper
PHP coder, LAMP
Managed administrative and technical aspects of the sites Desk Helper and Networking Support Technician (co-op) 1999/2003 ZhongTong Network Company, Changchun, China
Troubleshoot Unix/NT/Linux network
Active Directory and Microsoft Exchange adds, moves and deletes
Setup Windows/Linux Server
Other Skill:
Apache+PHP+MySQL
VBA VBS script
Photoshop
AutoCAD
3DS MAX
vCenter
Lei Chen Cell : 604-***-**** Email : acrpfm@r.postjobfree.com Page 11 of 11
MathLab